How to add HTTP Basic Authentication to your Rails application
From time to time, it’s good to deploy an early version of your application, so the client can take a look. With services like Heroku, it’s super easy to deploy, but it’s not good to leave the application visible to the public.
HTTP BASIC AUTHENTICATION TO THE RESCUE
Most of the PaaS providers abstract the web server from you, but even you have access to it, you can use Rails to setup basic authentication.
First, create a new concern in your controllers folder.
# app/controllers/concerns/http_auth_concern.rb
module HttpAuthConcern
extend ActiveSupport::Concern included do
before_action :http_authenticate
end def http_authenticate
return true unless Rails.env == 'production' authenticate_or_request_with_http_basic do |username, password|
username == 'username' && password == 'password'
end
end
end
Now you just need to include this module in your application controller.
# app/controllers/application_controller.rb
class ApplicationController < ActionController::Base include HttpAuthConcern # rest of your codeend
If you don’t need the environment check, you can skip everything and just use the http_basic_authenticate_with
method, which takes options hash as an argument.
# app/controllers/application_controller.rb
class ApplicationController < ActionController::Base http_basic_authenticate_with name: 'username', password: 'password'end